General

  • Target

    581a98416ef59c1897c80375ac7cc5da

  • Size

    668KB

  • Sample

    240113-f7qanachbl

  • MD5

    581a98416ef59c1897c80375ac7cc5da

  • SHA1

    572c9b667bcb7afadff147e0010630b213cbfa66

  • SHA256

    ebb710170635554d4b9ce77873ff341916db87a41f5981830b323c69c2afb736

  • SHA512

    d5b37eeb95827b2701f15793785f3283ce700ed995e55e9dce4852ff73e0920622e70dd952ab9fad6d8882b1acdecc40a50a65c5503b6be7640f6c75d421dd1a

  • SSDEEP

    12288:FeBNUbTVO86UyIR4YhoCHQtXR7/qt1Mp5O/AbSxDefR66jUKCQiMPj:FJIUyGzhowQL7CYgAbWCUKCQimj

Malware Config

Targets

    • Target

      581a98416ef59c1897c80375ac7cc5da

    • Disables taskbar notifications via registry modification

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
